#random (2018-08)
Non-work banter and water cooler conversation
A place for non-work-related flimflam, faffing, hodge-podge or jibber-jabber you’d prefer to keep out of more focused work-related channels.
Archive: https://archive.sweetops.com/random/
2018-08-01
Joy. Docker decided it to copy the “Java” distribution model.
Login to download. annoying
lame
CloudFlare uses nginx behind the scenes
2018-08-03
handy
shellcheck helps a lot
oh that’s nice!
We should add this linting to our build-harness
oh new to you? i kind of love it. it’s available by default in travis-ci
i think i’ve seen it before, but never used it
there’s another project that’s kind of an even stricter version, which i’m having trouble finding now for some reason, black something i think….
mis-remembering… it was a linter for python, https://github.com/ambv/black
You’re probably thinking of shfmt, the equivalent of black for bash: https://github.com/mvdan/sh
nice, tks!
thanks, this looks great too!
integrate it with https://marketplace.visualstudio.com/items?itemName=mynkow.FormatdocumentonSave for VS Code, and everyone write formatted code by default now
I want to add it to our build-harness so we validate that the code is well-formatted
our current lame linting: https://github.com/cloudposse/build-harness/blob/master/modules/bash/Makefile#L2
I guess “it depends on what the definition of is is”
2018-08-05
2018-08-17
For those in San Francisco, heads up! I’ll be presenting at “Production Ready Containers” meetup on Helmfiles.
nice! I’ll send some bay area friends that way
thanks @Max Moon!
2018-08-21
@Erik Osterman (Cloud Posse) I may see you 30th in San Francisco! I will be in that area next week.
ohh, no, I will leave few hours before the meetup to fly back to Oslo. Let’s grab a coffee if you are there (my flight from San Francisco airport is at 4:30pm).
On a side note, what are related meetups groups in that area? I will have several days to explore the area and want to attend some local meetups.
How cool! I arrive 8/29
Let’s meet up the day before if you are free
@antonbabenko
2018-08-22
I just bought reserved t2.micro 5 days ago, which is ~20$ more expensive than t3.micro.
perfect example of why you too should loathe the concept of RIs.
Amazon’s RI offering forces its customers to :
- become skilled at managing RIs (a skill that is totally unrelated to almost every business)
- gamble against future progress
Yes, but also, AWS is pretty good about letting you switch your RIs around. Still extra work, but mitigates impact a bit
Yeah, they can help, but the most challenging thing is to actually get money out after RI is sold. I live in Europe, but it works only for USA.
:(
No good deed goes unpunished
TL;DR: You’re awesome. Stop beating yourself up. Stop and smell the roses of your accomplishments thus far. Know when to use blinders.
@tamsky @Daren https://github.com/bitly/oauth2_proxy/issues/628
2018-08-23
What was the context regarding bitly/oauth2_proxy ?
@maarten i think it’s about bitly/oauth2_proxy not being maintained anymore as described here https://cloudposse.com/meetup/sweetops-town-hall-meeting/
I will add some context later today
@Andriy Knysh (Cloud Posse) is correct - it came up in our “Town Hall”
We’ve been using it with our “portal” for kubernetes, but have run into a lot of problems
Most of those problems are fixed in PRs that are languishing in their repo, unapproved without any comments from bitly
@tamsky suggested maybe someone ought to start a hard fork that is maintained.
turns out, others are feeling the same way - which is what the issue is about.
- openid connect is broken (can’t use okta)
- this is the other problem I have: https://github.com/bitly/oauth2_proxy/issues/558#issuecomment-398430903
AWS ALB supports Oauth now, I’ve been trying to find time to tinker with that instead of oauth2 proxy
Oh neat!
I suggested the same thing for Atlantis as they were also discussing the same Oauth proxy Thanks for giving context
It’s been a year or more since we looked into using the CoreOS ALB ingress controller for kubernetes. Looks like it’s changed owners now.
When we used it, it was a bit of a PIA because security groups, subnets, vpcs had to be manually specified
How is the portal written, is it an API ? Probably a lot of work, but is it splittable into accessible html & authenticated api gateway ?
Portal is just a very, very simple static bootstrap site generated using Helm templating. We use it to expose services in the kubernetes cluster like dashboard, grafana, prometheus, etc.
ok, nothing for api gw
If we were running the ALBs with k8s, it would probably be very easy
yea, though the portal only makes sense for us in kubernetes land
and it is actually entirely contained in a helm chart as a go formatted template
so moving it anywehre else for us would be a complete rewrite
anyways, might be something we reimplement later as a bonafide app
I was thinking about client ssl certificates. If cloudfront would do 2 way ssl authentication + openid etc.. Would be nice.
yea, could imagine for some highly sensitive workloads that would be nice.
i know cloudflare can do that
It would be neat if we could abstract away the OIDC stuff on every cloud. Google has theirs: https://cloud.google.com/iap/
2018-08-25
2018-08-27
@rms1000watt fancy meeting you ‘round these parts
Was writing some terraform modules.. stumbled on Cloud Posse, had a chat–and here I am. loool
you guys know each other?
Yeah, worked at Veritone together
hah, small world. how cool! @tamsky has been a great sounding board for me.
I believe it
I definitely appreciate the community that Erik is building.
Same here! Looking forward to contributing
@rms1000watt found us through our modules and reached out to me. Hopefully we’ll work together soon.
hah! I used Veritone at my last company (briefly), Logan was my rep, who looks like he got a major promotion since then
really cool stuff
Oh shit, a wild @tamsky appeared!
Veritone family ^^
lol
2018-08-28
@justin.dynamicd yay!!!! Thanks for joining man! Lurk all you want–but I’m going to point you out and highlight how awesome you are! https://www.linkedin.com/in/justin-king-26a4081b/ I worked with Justin at Lantern Credit in Newport Beach. Such a fun & dedicated guy to work with (He gets sh*t done–he’ll deliver and get the job done at any crazy hour). Also if there are any comic book people here–Justin is your man.
I need to update that LinkedIn, and thanks for the invite
time to do some channel surfing …
(ends up adding all the channels)
Only one hashi-themed channel? time to go knocking on doors like a digital moron and praise the books of Consul/Vault
Hey Justin! great to have you here
I’m getting a late start today. Will catch up on all the chatter in a couple hours! have a student from Caltech showing up soon that I’m helping with some cool GPU/kubernetes autoscaling stuff with kops.
2018-08-30
Hey @justin.dynamicd @rms1000watt - apropos of Newport Beach, I had a friend talking about opening up an office in Orange County somewhere and staffing with SREs, and he was asking me what I think the pool of good people is like. How would you answer? I’m in LA, and hiring good Ops people has been a pain for me forever. But I don’t know, maybe there’s tons of brilliant SREs behind the Orange Curtain?
Selfishly, you should open an OC office because OC is awesome.
As far as finding talent, @stobiewankenobi can answer that since he’s been trying to hire local to Veritone for a while
It’s been a pain iirc
@justin.dynamicd will probably have a different perspective also
Ok, so just like LA
So…
let’s create a DevOps Code School
in OC
There are some good people in OC for sure
Definitely tough to find though just because most of them are working on other interesting things.
I’d be happy to help/discuss at some point if you’re interested.
DevOps is just a rare breed. Definition is kind of soft for one thing, which makes it hard in hiring and job hunting.
DevOps is a buzz word that usually lands you interviews on making Dockerfiles out of bash scripts, and vague questions about kubernetes that make it clear they know little more than what Kelsey Hightower tweets.
It’s hard to find a employer/employee pairing where both parties are at similar maturity levels
My talk tonight is being live streamed
starts ~6:30pm PST
Topic is on how to use Helmfiles to effortlessly deploy apps on kubernetes
very cool
2018-08-31
“Hi Mitchel”
Met up with @antonbabenko in San Francisco!